I have been working on getting my prosody installation behind the
relayd(1) reverse proxy on OpenBSD. Everything seems to be in order
except that prosody won’t let me use unencrypted authentication. My
configuration file explicitly disables TLS and contains the following:
allow_unencrypted_plain_auth = true
c2s_ports = { 5323 }
c2s_interfaces = { "127.0.0.1" }
c2s_require_encryption = false
s2s_ports = { 5370 }
s2s_interfaces = { "127.0.0.1" }
s2s_require_encryption = false
s2s_secure_auth = false
The relayd(1) configuration for this looks like this:
relay xmpp_c2s {
listen on wg port 5223 tls
protocol "xmpp"
forward to <prosody> port 5323
}
relay xmpp_s2s {
listen on wg port 5270 tls
protocol "xmpp"
forward to <prosody> port 5370
}
I can’t figure this one out. Does anyone have any pointers?
--
Emma Tebibyte (fae/faer)
http://tebibyte.media/~emma